Month: November 2022

0 Comments
Malicious software, or “malware,” refers to any program designed to infect and disrupt computer systems and networks. The risks associated with a malware infection can range from poor device performance to stolen data.  However, thanks to their closed ecosystem, built-in security features, and strict policies on third-party apps, Apple devices tend to be less prone
0 Comments
A business email compromise (BEC) group dubbed ‘Crimson Kingsnake’ has recently been spotted impersonating well-known international law firms to trick recipients into approving overdue invoice payments. As outlined in a technical write-up by cloud email security platform Abnormal, 92 malicious domains of 19 law firms and debt collection agencies across the US, UK and Australia have been
0 Comments
Microsoft is warning of an uptick among nation-state and criminal actors increasingly leveraging publicly-disclosed zero-day vulnerabilities for breaching target environments. The tech giant, in its 114-page Digital Defense Report, said it has “observed a reduction in the time between the announcement of a vulnerability and the commoditization of that vulnerability,” making it imperative that organizations
0 Comments
The LockBit hacking group has claimed responsibility for the August cyber-attack against the multinational automotive group Continental. The ransomware gang made the announcement on its leak site on Wednesday and is threatening to publish the company’s data unless the ransom is paid over the next few hours of today (Friday). On the dark web blog
0 Comments
This week’s news offered fresh reminders of the threat that ransomware poses for businesses and critical infrastructure worldwide A number of reports published this week offered a reminder of the threat that ransomware poses for organizations and critical infrastructure worldwide, and were also an indication of the enormous repercussions that a successful ransomware attack can
0 Comments
Cybersecurity researchers have uncovered 29 packages in Python Package Index (PyPI), the official third-party software repository for the Python programming language, that aim to infect developers’ machines with a malware called W4SP Stealer. “The main attack seems to have started around October 12, 2022, slowly picking up steam to a concentrated effort around October 22,”
0 Comments
The individuals behind the Black Basta ransomware have been linked to hacking operations conducted by the FIN7 threat actors. According to a new advisory by SentinelLabs, Black Basta actors have used a custom defense impairment tool (found exclusively in incidents by this specific threat actor) in several instances. “Our investigation led us to a further
0 Comments
The Transparent Tribe threat actor has been linked to a new campaign aimed at Indian government organizations with trojanized versions of a two-factor authentication solution called Kavach. “This group abuses Google advertisements for the purpose of malvertising to distribute backdoored versions of Kavach multi-authentication (MFA) applications,” Zscaler ThreatLabz researcher Sudeep Singh said in a Thursday
0 Comments
What you paid for your home, who lives there with you, your age, your children, your driving record, education, occupation, estimated income, purchasing habits, and any political affiliations you may have—all pretty personal information, right? Well, there’s a good chance that anyone can find it online. All it takes is your name and address.  
0 Comments
The US Department of Justice (DoJ) has published a document highlighting charges against eight individuals for their participation in a Racketeer Influenced and Corrupt Organizations (RICO) conspiracy that involved hacking and tax fraud. US attorney Roger B. Handberg announced the partial unsealing of the indictment on Tuesday, charging Andi Jacques, Monika Shauntel Jenkins, Louis Noel
0 Comments
by Paul Ducklin Yesterday, we wrote about the waited-for-with-bated-breath OpenSSL update that attracted many column-kilometres of media attention last week. The OpenSSL team announced in advance, as it usually does, that a new version of its popular cryptographic library would soon be released. This notification stated that the update would patch against a security hole
0 Comments
Multiple vulnerabilities have been disclosed in Checkmk IT Infrastructure monitoring software that could be chained together by an unauthenticated, remote attacker to fully take over affected servers. “These vulnerabilities can be chained together by an unauthenticated, remote attacker to gain code execution on the server running Checkmk version 2.1.0p10 and lower,” SonarSource researcher Stefan Schiller
0 Comments
A major hospital in Osaka, Japan, has suspended routine medical services following a ransomware cyber-attack that disrupted its electronic medical record systems. Emergency operations are continuing, but Osaka General Medical Center officials told reporters on Monday that the hospital system failed earlier today and could not be accessed. They have also reported that a contractor
0 Comments
The OpenSSL project has rolled out fixes to contain two high-severity flaws in its widely used cryptography library that could result in a denial-of-service (DoS) and remote code execution. The issues, tracked as CVE-2022-3602 and CVE-2022-3786, have been described as buffer overrun vulnerabilities that can be triggered during X.509 certificate verification by supplying a specially-crafted
0 Comments
The Cybersecurity and Infrastructure Security Agency (CISA) has published a new series of guidelines to help federal agencies defend against distributed denial-of-service (DDoS) attacks. The Capacity Enhancement Guide has been published in collaboration with the Federal Bureau of Investigation (FBI) and the Multi-State Information Sharing and Analysis Center (MS-ISAC). It provides organizations with proactive steps
0 Comments
by Paul Ducklin Imagine that you’d spoken in what you thought was total confidence to a psychotherapist, but the contents of your sessions had been saved for posterity, along with precise personal identification details such as your unique national ID number, and perhaps including additional information such as notes about your relationship with your family…
0 Comments
The threat actor behind the Fodcha distributed denial-of-service (DDoS) botnet has resurfaced with new capabilities, researchers reveal. This includes changes to its communication protocol and the ability to extort cryptocurrency payments in exchange for stopping the DDoS attack against a target, Qihoo 360’s Network Security Research Lab said in a report published last week. Fodcha